Patrick Frischknecht

Many Android Apps suffer from diverse avoidable vulnerabilities. Their presence is often indicated through specific code patterns that could lead to insecure code, called security smells .

The target of my Bachelor’s Project is to detect such security smells in the source code with the help of static analysis and to report them to the developer directly in the IDE. Because many static analysis tools for android code (or java code in General) already exist, my project will probably extend an existing tool with new detectors for those android specific security smells.